Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Whitelist IP no longer working (Whitelist IP no longer working)
  •  
doug@s7.com

Messages: 3
Karma: 0
Send a private message to this user
I use custom blacklist & whitelist extensively to filter spam. I am very familiar with this and it's been working well in the past. I sometimes have occurences in which I want to receive email in a middle of a blacklist range so I then whitelist that section and I receive the email. For whatever reason, this has stopped working. A perfect example is an email from kerio that I was trying to get.

Here is pertinent tech info:

From mailserver.cfg
<listitem>
<variable name="Name">SPAM List</variable>
<variable name="Value">193.0.0.0-197.255.255.255</variable>
<variable name="Enabled">1</variable>
<variable name="Desc">AFRINIC</variable>
<variable name="Guid">2bc5e92c-55e6-4e6e-836f-e2215da25ced</variable >
<variable name="GroupGuid">39c51d2d-9dd1-4b9a-8534-f83e40ce0afa</variable >
</listitem>

After an email bounced, I added a custom whitelist rule as evident from my config.log
[03/May/2016 09:03:48] admin<_at_>s7.com - Insert IpAddress {enabled="True", type="Range", item="(195.39.55.0 / 195.39.55.255)", groupName="Whitelist", groupId=" keriodb://ipaddressgroup/3f381bba-4973-4041-b2fa-901dc19632e 5", description="Kerio/samepage"}

But as you can see from my security.log, it still got rejected. (email 'to' address changed)
[03/May/2016 09:06:19] IP address 195.39.55.142 found in local blacklist, mail from <apache@forum.kerio.com> to <removedforprivacy<_at_>home.com> rejected

Like I said, this was all working perfectly till recently. This is a third instance that I have recently become aware of and I am afraid other whitelist are not being honored as well.
  •  
Will Mayall

Messages: 171
Karma: 5
Send a private message to this user
Did you recently enable IPv6? There was a bug in versions previous to 9.0.3 where whitelisting broke.

I believe this is the relevant note in the Release Notes:
Fixed matching of localhost IP address in IP address groups on dual-stack IPv4/IPv6 server.

Will Mayall

[Updated on: Tue, 03 May 2016 16:36]

  •  
doug@s7.com

Messages: 3
Karma: 0
Send a private message to this user
I have not and not sure IP6 is even an option as I am still running 7.3.1 build 5770.

Aside from creation/deletion of occasional users and/or aliases, the blacklist & whitelist are the really the only config changes that I make. I thought I was maybe running into a limit so I deleted a bunch of ip list rules that were no longer needed in hopes of correcting the issue and it has not. Thanks for info though
  •  
doug@s7.com

Messages: 3
Karma: 0
Send a private message to this user
Just a note on the resolution. Somehow in the SPAM>Blacklist section, the Custom Whitelist of IP addresses drop down got changed to Local clients group instead of whitelist group so the behavior was consistent with the settings. I am still not sure how it got changed but the config log showed I was logged in when the change was done so somehow I must have done it even though it would be something I would know not to change.

Everything appears to be working correctly again.
Previous Topic: how to block *.docm attachments
Next Topic: Do I have a security breach?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Mar 30 22:29:49 CEST 2017

Total time taken to generate the page: 0.00978 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.